3 Replies Latest reply on Jan 23, 2017 5:38 AM by mchoma

Setting up SSL for Application: No SSL Context available from security realm

aaronalex Jan 9, 2017 2:23 AM

My application needs to communicate to a third party service via SSL. Trying to setup by following the steps highlighted in 2.2.5 on the article How To Configure Server Security - Red Hat Customer Portal

Below is a screengrab of the console output. Would appreciate if anyone can shed some light on specifically resolving this.

Thanks!

Server: JBoss EAP 7.0.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Windows PowerShell

PS C:\Users\Administrator> C:\Sandbox\EAP-7.0.0\bin\jboss-cli.bat

You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands

[disconnected /] connect

[standalone@localhost:9980 /] /core-service=management/security-realm=HTTPSRealm/:add

{"outcome" => "success"}

[standalone@localhost:9980 /] /core-service=management/security-realm=HTTPSRealm/server-identity= \

> ssl:add(keystore-path=C:\DW\EAI\sp.keystore, \

> keystore-relative-to=jboss.server.config.dir, \

> keystore-password=123456, alias=ssl)

{

"outcome" => "success",

"response-headers" => {

"operation-requires-reload" => true,

"process-state" => "reload-required"

}

[standalone@localhost:9980 /] /subsystem=undertow/server=default-server/https-listener=https:add( \

> socket-binding=https, security-realm=HTTPSRealm)

{

"outcome" => "failed",

"failure-description" => {"WFLYCTL0080: Failed services" => {"jboss.undertow.listener.https" => "org.jboss.msc.servi

ce.StartException in service jboss.undertow.listener.https: Failed to start service

Caused by: java.lang.IllegalStateException: WFLYUT0079: No SSL Context available from security realm. Either the rea

lm is not configured for SSL, or the server has not been reloaded since the SSL config was added."}},

"rolled-back" => true,

"response-headers" => {"process-state" => "reload-required"}

}

[standalone@localhost:9980 /]

1. Re: Setting up SSL for Application: No SSL Context available from security realm

mchoma Jan 9, 2017 7:37 AM (in response to aaronalex)

You need to run CLI commands in batch or reload the server after second CLI command. I have created documentation JIRA for that [JBEAP-8158] CLI commands for https setup need to be run in batch - JBoss Issue Tracker to make it explicit in documentation.
1 of 1 people found this helpful
Actions
2. Re: Setting up SSL for Application: No SSL Context available from security realm

aaronalex Jan 23, 2017 4:37 AM (in response to aaronalex)

I've seen what was added to the standalone.xml on the 2nd step, realized that filepath was CDWEAIsp.keystore instead of C:\DW\EAI\sp.keystore. Also, since I wanted use an absolute path, removed keystore-relative-to from 2nd command and the 3rd step worked.

Not too sure if this is the correct way thou.
1 of 1 people found this helpful
Actions
3. Re: Setting up SSL for Application: No SSL Context available from security realm

mchoma Jan 23, 2017 5:38 AM (in response to aaronalex)

For windows you should use "/" in keystore paths. There is JIRA for that [WFCORE-1519] Operation parameters described with filesystem-path should not require escaping the separator - JBoss Issu…
Actions

Go to original post